locked
Assigning roles to users by code without SecurityAdministration permission RRS feed

  • Question

  • Hello!

    I'm a begginer working with VS Lightswitch and all the ASP.NET stuff. 

    Here is my problem:

    I have an application where users follow a certain hierarchy: we have employees, Area Managers, Department Managers, ...

    When creating a new employee he will be assigned a role automatically according to his level on the hierarchy: employee role, area manager role, and so on...

    None of the application users is going to have the SecurityAdministration privilege, so how could I handle this by code?

    The only thing that I've tried until now is trying to access this data through SecurityData, but it's not possible without the SecurityAdministration permission...

    I have read a little about creating custom membership, role and profile providers but I'm not sure if this is gonna work in my case, and if it's neccesary to do it this way.

    Any help will be appreciated! :) 

    • Moved by CoolDadTx Thursday, March 12, 2015 3:33 PM Lightswitch related
    Thursday, March 12, 2015 2:57 PM

Answers

  • It was just as simple as addind this code into a method that runs on the server side (_deleted, _deleting, _inserted, _inserting, ...):

    if (!Application.Current.User.HasPermission(Permissions.SecurityAdministration))
                {
                    Application.Current.User.AddPermissions(Permissions.SecurityAdministration);
                }

    And then do whatever that needed the SecurityAdministration permission to get done.

    Once the method finishes, the permissions return to their original values.

    The article where I get the info:

    http://blogs.msdn.com/b/lightswitch/archive/2011/04/07/how-to-elevate-permissions-in-server-code-ravi-eda.aspx

    • Marked as answer by promqueen Thursday, March 12, 2015 3:36 PM
    Thursday, March 12, 2015 3:36 PM